Job Description
The Security Officer is responsible for all activities related to designing, selecting, implementing, and maintaining security controls for major information systems supporting federal government contracts, including achieving and sustaining authorization to operate (ATO) following NIST Risk Management Framework procedures and guidance mandated under FISMA. Key job duties include specifying and documenting security control requirements, supporting security control assessments, and working with development and implementation team members to ensure that all security requirements are adequately addressed. The Security Officer also identifies relevant security and privacy standards and regulations applicable to systems under development or in operation and helps ensure compliance with those standards and regulations.
Key responsibilities
Analyze systems, data, and operating environments to determine appropriate security controls while managing a team.
Produce key authorization package documentation, including System Security Plans, Contingency Plans, Security Test Plans, Plans of Action and Milestones, Privacy Impact Assessments, and related artifacts
Collaborate with technical team members to incorporate security perspectives in SDLC artifacts associated with requirements, design, development, testing, and operations and maintenance life cycle phases
Review system architecture and system design documentation to identify security-relevant aspects of systems and solutions and accurately reflect that information in security documentation
Work closely with project team members to make sure that applicable security requirements are incorporated in systems and solutions deployed for the project
Participate in business, technical, and security reviews of the solution to explain selected security and privacy controls
Perform initial and ongoing risk assessments of the system
< 10% travel is required
Minimum Qualifications:
Minimum 5-7 years relevant experience
Bachelor’s Degree or equivalent experience
Strong technical knowledge of networks, operating systems, and n-tier applications
Experience performing risk management framework and system authorization tasks in a FISMA (i.e., federal government agency) setting
Familiarity with NIST standards and guidance including FIPS 199, FIPS 200, and the 800 series of Special Publications
CMS experience
Prior experience performing in the role of an information security officer/information systems security officer (ISO/ISSO) on a federal government contract
Relevant security certifications such as CISSP, SSCP, CAP, or CISA
Experience securing systems or environments that process personally identifiable information (PII) or protected health information (PHI)
Preferred Qualifications:
Experience with Centers for Medicare & Medicaid Services (CMS) systems, including Technical Review Board (TRB) review and compliance processes
Formal education or professional experience in information assurance, information security management, or security operations
Experience working with online security tools such as Trusted Agent FISMA, RSA Archer, or CSAM
Excellent organizational, interpersonal, verbal, and written communication skills
Ability to work effectively as part of an integrated project team, while also taking ownership of assigned tasks to successfully achieve explicit delivery dates and milestones
Ability to perform comfortably in a fast-paced, deadline-oriented work environment
Ability to successfully execute many complex tasks simultaneously
What We Offer
Our mission is to provide comprehensive and competitive pay, benefits, services, and programs to eligible employees and their dependents that:
Ensure optimal health and productivity of our employees
Support employee retention and attraction
Provide work/life balance to ensure our employees succeed inside and outside of the office
Compensation
$133,531.24 - $213,649.98
The pay range for this job is determined by various factors, including but not necessarily limited to location, responsibilities of the job, and alignment with market data. When determining a salary for this role, the following factors may be taken into consideration - contract-specific affordability, education, knowledge, skills, competencies and experience. The estimate displayed represents the salary range for this position and is just one component of Cognosante’s total compensation package for employees. It is not necessarily reflective of actual compensation that may be earned, nor a promise of any specific pay for any specific employee.
Cognosante will not provide sponsorship for employment-based immigration benefits for this position.
What We Promise
Cognosante employees are inspired by our bold mission to improve lives. To achieve this mission, we put our people first. No matter where they're located around the nation, our innovative workplaces enable individuals to apply their skills and experience to work toward a greater good.
We foster a winning culture of solution creators built on innovation, collaboration, flexibility, and work-life balance. And we invest in the next generation of diverse talent to foster an inclusive, progressive, adaptable workplace that prioritizes advancement for all. As an affirmative action employer, we are committed to equal opportunity regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
Your safety during your job search is important. Recruiting communications will always be sent through one of the following corporate domain emails (@cognosante.com or @accurate.com).
We will never send communications through any other domain, including @cognosantecareers.com, @gmail.com or @yahoo.com. We will never request payment from you, nor will we send payment to you, prior to your start date. If you have been asked to send or receive any payment, or if you have any doubt about whether you have been contacted by a Cognosante employee, please contact us at jobs@cognosante.com.